Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4a20802e-f5fb-4abd-80f7-08b513b11102.roa
File:                     4a20802e-f5fb-4abd-80f7-08b513b11102.roa (raw, json)
Hash identifier:          Ble+oqCHOmqTWwRXnUXBBRN3ci2CopPbGA28OmGnLqY=
Subject key identifier:   26:96:5B:BB:EA:9F:41:CF:BE:45:8E:68:D2:EC:F9:09:F0:FB:F2:2A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       25AAC4104F1D98E05847FBD2BC706304A8C56858
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4a20802e-f5fb-4abd-80f7-08b513b11102.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        54.21.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:aa:c4:10:4f:1d:98:e0:58:47:fb:d2:bc:70:63:04:a8:c5:68:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=26bdf0468fd3eab1d8533d634fd056a2cb9d8ccae6b8c48899a2553eedc0d149, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:cc:e5:ac:67:27:0c:b0:1a:9f:7c:30:cd:41:
                    43:d3:be:9b:c1:4e:b5:93:c2:12:ad:2a:f0:2e:f2:
                    22:b4:41:d9:40:6a:84:c5:12:62:70:bc:08:89:21:
                    1f:a1:04:9c:3d:9e:95:d2:08:bc:fa:3e:e4:78:a5:
                    72:ab:19:ff:32:73:54:ae:ab:7b:06:6c:75:47:fd:
                    79:e1:02:b0:d3:07:d5:bd:9c:19:4c:1b:3d:a6:d8:
                    fb:78:09:a6:39:87:3c:f0:ba:a0:8a:16:2f:83:93:
                    c9:e3:af:79:7f:39:c1:b7:5a:b7:54:1c:d3:f1:b8:
                    4e:43:a0:39:28:db:23:8c:bf:04:b5:cc:e4:ab:62:
                    58:0a:24:cc:76:5d:4e:69:e9:e5:e5:05:f7:ad:cb:
                    37:97:11:4c:10:75:2a:d1:02:96:b0:4d:1a:c8:c9:
                    0a:28:21:68:a7:2c:f8:8b:5c:c7:2f:ce:aa:60:9e:
                    37:e5:92:4d:81:24:7b:5d:6b:f0:01:1a:3b:30:7d:
                    87:bc:74:59:c6:44:04:54:ae:63:25:31:a7:9a:ad:
                    55:bf:fb:be:60:ea:5a:45:d9:60:e3:5e:f7:9d:cf:
                    6e:5b:46:a6:03:ab:f0:44:13:4c:77:da:5d:c6:cd:
                    9a:08:3d:45:cc:7c:1d:27:e5:e2:00:36:59:a5:23:
                    7c:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:96:5B:BB:EA:9F:41:CF:BE:45:8E:68:D2:EC:F9:09:F0:FB:F2:2A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4a20802e-f5fb-4abd-80f7-08b513b11102.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.21.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c3:fa:dd:f4:a9:63:6b:3a:a0:3c:5f:f7:9c:ef:0d:cf:b8:92:
         61:5e:52:3a:df:53:01:20:81:06:a2:e3:ff:78:63:01:39:a7:
         12:b6:02:c6:99:45:83:11:03:60:88:ef:e1:b8:0f:03:71:18:
         90:05:98:f9:75:cf:d6:ba:97:88:46:38:52:bc:0f:3f:ae:52:
         a5:ef:a5:46:df:14:9c:6d:f3:9f:3e:43:6a:aa:c1:b4:6c:ab:
         81:67:53:9d:82:6f:1e:3d:18:36:1e:68:47:e4:67:71:5d:ab:
         dc:e9:a6:d5:77:18:8c:54:e6:58:8f:6a:9f:3a:b9:98:06:ca:
         e1:7c:c1:6c:ea:d3:f6:45:01:17:aa:8c:0c:e2:13:c2:33:cb:
         8e:b6:d6:29:81:31:43:c4:60:0b:d9:a5:ba:d9:6d:b7:f2:6e:
         8c:9b:c3:f3:86:a3:55:a0:2f:28:73:f1:dc:40:0a:72:5b:ea:
         b5:03:40:97:cc:c3:b9:8f:20:54:fc:0c:50:df:3b:73:cc:f3:
         45:98:63:48:51:82:0a:6f:16:72:0c:36:83:99:20:a9:ca:07:
         f1:7e:f8:85:4e:2c:6b:8b:82:c9:ce:c4:f4:66:f9:13:3c:ca:
         b8:28:21:99:b4:dc:51:23:3d:9a:a2:d4:65:c7:d4:91:0e:fe:
         02:26:d4:c9
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJarEEE8dmOBYR/vSvHBjBKjFaFgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AyNmJkZjA0NjhmZDNlYWIxZDg1MzNkNjM0ZmQwNTZhMmNi
OWQ4Y2NhZTZiOGM0ODg5OWEyNTUzZWVkYzBkMTQ5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCczOWsZycMsBqffDDNQUPTvpvBTrWTwhKtKvAu8iK0QdlA
aoTFEmJwvAiJIR+hBJw9npXSCLz6PuR4pXKrGf8yc1Suq3sGbHVH/XnhArDTB9W9
nBlMGz2m2Pt4CaY5hzzwuqCKFi+Dk8njr3l/OcG3WrdUHNPxuE5DoDko2yOMvwS1
zOSrYlgKJMx2XU5p6eXlBfetyzeXEUwQdSrRApawTRrIyQooIWinLPiLXMcvzqpg
njflkk2BJHtda/ABGjswfYe8dFnGRARUrmMlMaearVW/+75g6lpF2WDjXvedz25b
RqYDq/BEE0x32l3GzZoIPUXMfB0n5eIANlmlI3xBAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUJpZbu+qfQc++RY5o0uz5CfD78iowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRhMjA4MDJlLWY1ZmItNGFiZC04MGY3LTA4YjUxM2IxMTEwMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2FTANBgkqhkiG9w0BAQsFAAOCAQEAw/rd9KljazqgPF/3nO8Nz7iSYV5S
Ot9TASCBBqLj/3hjATmnErYCxplFgxEDYIjv4bgPA3EYkAWY+XXP1rqXiEY4UrwP
P65Spe+lRt8UnG3znz5DaqrBtGyrgWdTnYJvHj0YNh5oR+RncV2r3Omm1XcYjFTm
WI9qnzq5mAbK4XzBbOrT9kUBF6qMDOITwjPLjrbWKYExQ8RgC9mlutltt/JujJvD
84ajVaAvKHPx3EAKclvqtQNAl8zDuY8gVPwMUN87c8zzRZhjSFGCCm8Wcgw2g5kg
qcoH8X74hU4sa4uCyc7E9Gb5EzzKuCghmbTcUSM9mqLUZcfUkQ7+AibUyQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:05:22 2024 by rpki-client on console-ams.rpki-client.org